
1 Theo Tryfonas, Centre in Systems, Faculty of Engineering
Embedding Competitor Intelligence Capability in the Software Development Lifecycle
Security and Protection of Information 2009 - Brno, Czech Republic

2 Outline
Competitor Intelligence (CI) and tools
Software development process and informational requirements
An integration framework
Relationship to infosec and challenges

3 The importance of Intelligence
“If you know the enemy and know yourself, you need not fear the result of 100 battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle”
General Sun-Tzu, c. 544-496 BC (?)

4 Recent industrial espionage cases

5 Competitor Intelligence and competitive advantage
Many forms of intelligence
  – National Intelligence, Military Intelligence, Criminal Intelligence, Corporate Intelligence, Business Intelligence, Competitive Intelligence etc.
CI: A systematic and ethical program for gathering, analyzing, and managing information that can affect a company's plans, decisions, and operations.

6 The CI process
The process of monitoring the competitive environment.
  – 80% of large multinationals have an organized system for collecting intelligence
  – 60% of US companies (of that review sample)
It includes competitive, technical, people, and market intelligence.

7 The CI process
Integrative CI model showing intelligence information processing stages (Bouthillier & Shearer, 2003)

8 CI tools and applications...
Generic (e.g. databases) and specific (e.g. price monitoring agents)
  – Mind mapping, system dynamics, textual analysis, …
Knowledge management/information engineering focused
  – Requirements elicitation, Data mining, Artificial intelligence, OLAP, Visualisation, Collaboration portals etc.
The Internet!
(table 1 in the paper: tool/function/description)

9 ... facilitating
Porter’s five forces analysis (consumer, vendor, competitor, new entrants, substitutes)
SWOT analysis (strength-weakness-opportunity-threat)
Competitor profiling
Benchmarking (measuring against competition)
Customer-led/requirements-driven design
Etc. etc.

10 The software market: Monopolies and ‘The cathedral and the bazaar’
The software industry faces extreme pressures to provide new applications that add value in today's competitive environment. (authors’ JCIM paper)
‘Siloed’ market with near-monopolies for core technologies
  – E.g. OS (Microsoft), database (Oracle)
Intellectual property protection drive, s/w licencing and (personal view) misunderstanding of the digital product in pricing strategy – OSS/FS vs. commercial

11 Software processes and development lifecycles
Developing a product in isolation is impossible – especially software
  – User needs, technology platforms, development tools, laws and regulations, available products and their shortcomings etc. etc.
Information gathering is critical throughout the development lifecycle
  – Both technical and organisational/market driven
  – To appreciate cost and risk and anticipated revenue

12 SDLC
The informational requirements are similar regardless of the nature of the process (linear, iterative,...)
Fig. from http://en.wikipedia.org/wiki/Iterative_development
Fig. from http://en.wikipedia.org/wiki/Software_development_process

13 Indicative informational requirements in the SDLC – intelligence input
Requirements analysis
  – User needs and preferences, threats and threat agents, existing products, emerging markets,...
Design
  – Input from previous stage
  – Competitive products designs,...
Coding
  – Input from previous stage
  – Target platform APIs, threats and threat agent tools, target platform or build technology known vulnerabilities and exploits,...
Testing
  – Input from previous stage
  – User needs and preferences,...
Etc. etc.

14 Integration of CI into SDLC

15 Integration of CI into SDLC (cont’d)

16 CI/Infosec interface: Knowing others, protecting yourself
Information security practices can assure the ethical gathering and processing of information (e.g. via compliance with Data Protection Acts) as well as protection from unethical gathering (industrial espionage of third parties, risk of internal threat etc.)

17 Conclusions
Understanding the market, user needs and how to price the resulting product has a profound impact on software – and its security
  – Piracy and IP protection, put-to-market pressure etc.
Competitor intelligence is usually viewed as a task of marketers – it isn’t
  – Many technical aspects, threat environment and hi-tech espionage, need for professional integrity assurance
Software processes are now (after many years of preaching) being modified to meet infosec requirements – perhaps they could also formalise the intelligence input to the development/security processes
  – to capitalise on the maturity of the CI discipline and on the interface of security with real-life business

